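#include "crypto_aead.h"

/**
 * Designers: Daniel Penazzi, Miguel Montes
 * This codification: Daniel Penazzi.
 * This code is hereby placed in the public domain.
 */

typedef unsigned long long u64;
typedef unsigned int u32;

/* Round-count constants. Each is a multiple of STEP, the increment applied to
 * the round-constant index, so NRINIT/STEP etc. give the number of rounds. */
// number of rounds of initialization, times 11 (12x11)
#define NRINIT 132
// number of rounds of processing ad and message, times 11
#define NRMID 99
// extra number of rounds of finalization (after NRMID rounds are done), times 11
#define NREND 33
// increase of i for the round constants
#define STEP 11

/* 64-bit rotate right. n must be in 1..63: for n == 0 the expression shifts a
 * u64 by 64, which is undefined behaviour in C. Every rotation amount used in
 * this file is a literal in that range. */
#define ROTR(x,n) (((x)>>(n))|((x)<<(64-(n))))

/* Linear layer of the permutation, applied in place to the 5-word state W.
 *   1. each word is XORed with two rotations of itself;
 *   2. cross-word mixing: W[3]^W[4] into W[0..2], then W[0]^W[1]^W[2] into W[3..4];
 *   3. W[0..3] are rotated by 8, 24, 40, 56 bits; W[4] is left unrotated.
 * Straight-line code with no branches or table lookups indexed by state, so
 * its timing does not depend on the (secret) state contents. */
void Difusion(u64 W[5]){
    W[3] ^= ROTR(W[3],57) ^ ROTR(W[3],63);
    W[4] ^= ROTR(W[4],3)  ^ ROTR(W[4],26);
    W[0] ^= ROTR(W[0],43) ^ ROTR(W[0],62);
    W[1] ^= ROTR(W[1],21) ^ ROTR(W[1],46);
    W[2] ^= ROTR(W[2],58) ^ ROTR(W[2],61);

    /* W[3] and W[4] are not modified between these three XORs, so the shared
     * term can be computed once. */
    const u64 t34 = W[3] ^ W[4];
    W[0] ^= t34;
    W[1] ^= t34;
    W[2] ^= t34;
    const u64 t012 = W[0] ^ W[1] ^ W[2];
    W[3] ^= t012;
    W[4] ^= t012;

    W[0] = ROTR(W[0],8);
    W[1] = ROTR(W[1],24);
    W[2] = ROTR(W[2],40);
    W[3] = ROTR(W[3],56);
}

/* Nonlinear layer: a bitsliced 5-bit S-box applied to all 64 bit positions at
 * once. The whole state is read into locals first so that every output word is
 * a function of the pre-S-box values only. Uses only AND/OR/XOR/NOT, so it is
 * constant-time with respect to the state. */
void Sbox(u64 W[5]){
    const u64 x = W[0];
    const u64 y = W[1];
    const u64 z = W[2];
    const u64 u = W[3];
    const u64 v = W[4];
    W[0] = v ^ (x | u) ^ (y | (z ^ x));
    W[1] = x ^ (y | v) ^ (z | (u ^ y));
    W[2] = y ^ (z | x) ^ (u | (v ^ z));
    W[3] = z ^ (u | y) ^ (v | (x ^ u));
    W[4] = (~u) ^ (v | z) ^ (x | (y ^ v));
}

/* Little-endian store of Rv into the 8 bytes at R: R[0] receives the least
 * significant byte and R[7] the most (R7R6....R1R0 when read as a number).
 * R must have room for 8 bytes. */
void LESTOREu64in8bytearray(u64 Rv,unsigned char* R){
    for (u32 i = 0; i < 8; i++) {
        R[i] = (unsigned char)(Rv & 0xff);
        Rv >>= 8;
    }
}

/* Little-endian store of the Top least significant bytes of Rv into R.
 * The caller must guarantee Top <= 8 and that R has room for Top bytes; nothing
 * here checks either, so Top is the only thing preventing a write past R.
 * NOTE(review): the loop header in the text under review was damaged by
 * extraction (it read "for(u32 i=0;i>8); }"); the condition "i < Top" is
 * restored here by analogy with LESTOREu64in8bytearray and the Top parameter.
 * TODO confirm against the upstream source. */
void PartialLESTOREu64inbytearray(u64 Rv,unsigned char* R,u64 Top){
    for (u32 i = 0; i < Top; i++) {
        R[i] = (unsigned char)(Rv & 0xff);
        Rv >>= 8;
    }
}

/* Little-endian load of the 8 bytes at R into a u64: R[0] is the least
 * significant byte. Inverse of LESTOREu64in8bytearray. */
u64 LELOAD8bytearrayinu64(const unsigned char* R){
    u64 Rv = 0;
    /* Walk from the most significant byte down, shifting earlier bytes up. */
    for (u32 i = 8; i-- > 0; ) {
        Rv = (Rv << 8) | (u64)R[i];
    }
    return Rv;
}

// should only be used if Top<8.
// (The partial load that follows reads R[0] unconditionally, so it also
// presumably needs Top >= 1 — confirm against callers.)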
u64 PartialLELOADbytearrayinu64(const unsigned char* R,u64 Top){ u64 Rv=(u64)R[0]; for(u64 i=1;i=16){ W[3]^=LELOAD8bytearrayinu64(ad); ad+=8; W[2]^=LELOAD8bytearrayinu64(ad); for(unsigned int i=0;i=16){ W[3]^=LELOAD8bytearrayinu64(m); LESTOREu64in8bytearray(W[3],c);m+=8;c+=8; W[2]^=LELOAD8bytearrayinu64(m); LESTOREu64in8bytearray(W[2],c); for(unsigned int i=0;i=16 void Processciphertxt(u64 W[5],unsigned char *m, const unsigned char *c,unsigned long long clen){ u64 remain=clen-16; while(remain>=16){ LESTOREu64in8bytearray(W[3],m); for(u32 sk=0;sk<8;sk++) m[sk]^=c[sk]; W[3]=LELOAD8bytearrayinu64(c);m+=8;c+=8; LESTOREu64in8bytearray(W[2],m); for(u32 sk=0;sk<8;sk++) m[sk]^=c[sk]; W[2]=LELOAD8bytearrayinu64(c); for(unsigned int i=0;i